lemur/lemur/sources/cli.py

"""
.. module: lemur.sources.cli
    :platform: Unix
    :copyright: (c) 2018 by Netflix Inc., see AUTHORS for more
    :license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
import sys
import time

from tabulate import tabulate

from flask_script import Manager

from flask import current_app

from lemur.constants import SUCCESS_METRIC_STATUS, FAILURE_METRIC_STATUS

from lemur.extensions import metrics, sentry
from lemur.plugins.base import plugins

from lemur.sources import service as source_service
from lemur.users import service as user_service
from lemur.certificates import service as certificate_service


manager = Manager(usage="Handles all source related tasks.")


def validate_sources(source_strings):
    sources = []
    if not source_strings:
        table = []
        for source in source_service.get_all():
            table.append([source.label, source.active, source.description])

        print("No source specified choose from below:")
        print(tabulate(table, headers=["Label", "Active", "Description"]))
        sys.exit(1)

    if "all" in source_strings:
        sources = source_service.get_all()
    else:
        for source_str in source_strings:
            source = source_service.get_by_label(source_str)

            if not source:
                print(
                    "Unable to find specified source with label: {0}".format(source_str)
                )
                sys.exit(1)

            sources.append(source)
    return sources


@manager.option(
    "-s",
    "--sources",
    dest="source_strings",
    action="append",
    help="Sources to operate on.",
)
def sync(source_strings):
    sources = validate_sources(source_strings)
    for source in sources:
        status = FAILURE_METRIC_STATUS

        start_time = time.time()
        print("[+] Staring to sync source: {label}!\n".format(label=source.label))

        user = user_service.get_by_username("lemur")

        try:
            data = source_service.sync(source, user)
            print(
                "[+] Certificates: New: {new} Updated: {updated}".format(
                    new=data["certificates"][0], updated=data["certificates"][1]
                )
            )
            print(
                "[+] Endpoints: New: {new} Updated: {updated}".format(
                    new=data["endpoints"][0], updated=data["endpoints"][1]
                )
            )
            print(
                "[+] Finished syncing source: {label}. Run Time: {time}".format(
                    label=source.label, time=(time.time() - start_time)
                )
            )
            status = SUCCESS_METRIC_STATUS

        except Exception as e:
            current_app.logger.exception(e)

            print("[X] Failed syncing source {label}!\n".format(label=source.label))

            sentry.captureException()
            metrics.send(
                "source_sync_fail",
                "counter",
                1,
                metric_tags={"source": source.label, "status": status},
            )

        metrics.send(
            "source_sync",
            "counter",
            1,
            metric_tags={"source": source.label, "status": status},
        )


@manager.option(
    "-s",
    "--sources",
    dest="source_strings",
    action="append",
    help="Sources to operate on.",
)
@manager.option(
    "-c",
    "--commit",
    dest="commit",
    action="store_true",
    default=False,
    help="Persist changes.",
)
def clean(source_strings, commit):
    sources = validate_sources(source_strings)
    for source in sources:
        s = plugins.get(source.plugin_name)

        if not hasattr(s, "clean"):
            print(
                "Cannot clean source: {0}, source plugin does not implement 'clean()'".format(
                    source.label
                )
            )
            continue

        start_time = time.time()

        print("[+] Staring to clean source: {label}!\n".format(label=source.label))

        cleaned = 0
        for certificate in certificate_service.get_all_pending_cleaning(source):
            status = FAILURE_METRIC_STATUS
            if commit:
                try:
                    s.clean(certificate, source.options)
                    certificate.sources.remove(source)
                    certificate_service.database.update(certificate)
                    status = SUCCESS_METRIC_STATUS
                except Exception as e:
                    current_app.logger.exception(e)
                    sentry.captureException()

            metrics.send(
                "clean",
                "counter",
                1,
                metric_tags={"source": source.label, "status": status},
            )

            current_app.logger.warning(
                "Removed {0} from source {1} during cleaning".format(
                    certificate.name, source.label
                )
            )

            cleaned += 1

        print(
            "[+] Finished cleaning source: {label}. Removed {cleaned} certificates from source. Run Time: {time}\n".format(
                label=source.label, time=(time.time() - start_time), cleaned=cleaned
            )
        )
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`"""`
			`.. module: lemur.sources.cli`
			`:platform: Unix`
Addressing comments. Updating copyrights. Added function to determine authorative name server 2018-05-29 19:18:16 +02:00			`:copyright: (c) 2018 by Netflix Inc., see AUTHORS for more`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`:license: Apache, see LICENSE for more details.`
			`.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>`
			`"""`
			`import sys`
			`import time`

			`from tabulate import tabulate`

			`from flask_script import Manager`

			`from flask import current_app`

Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00			`from lemur.constants import SUCCESS_METRIC_STATUS, FAILURE_METRIC_STATUS`

Adding additional failure conditions to sentry tracking. (#853) * Adding additional failure conditions to sentry tracking. * Removing sentry extension as a circular import. 2017-07-13 23:49:04 +02:00			`from lemur.extensions import metrics, sentry`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00			`from lemur.plugins.base import plugins`

Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`from lemur.sources import service as source_service`
			`from lemur.users import service as user_service`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00			`from lemur.certificates import service as certificate_service`

Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00
			`manager = Manager(usage="Handles all source related tasks.")`


			`def validate_sources(source_strings):`
			`sources = []`
			`if not source_strings:`
			`table = []`
			`for source in source_service.get_all():`
			`table.append([source.label, source.active, source.description])`

			`print("No source specified choose from below:")`
Black lint all the things 2019-05-16 16:57:02 +02:00			`print(tabulate(table, headers=["Label", "Active", "Description"]))`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`sys.exit(1)`

Black lint all the things 2019-05-16 16:57:02 +02:00			`if "all" in source_strings:`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`sources = source_service.get_all()`
			`else:`
			`for source_str in source_strings:`
			`source = source_service.get_by_label(source_str)`

			`if not source:`
Black lint all the things 2019-05-16 16:57:02 +02:00			`print(`
			`"Unable to find specified source with label: {0}".format(source_str)`
			`)`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`sys.exit(1)`

			`sources.append(source)`
			`return sources`


Black lint all the things 2019-05-16 16:57:02 +02:00			`@manager.option(`
			`"-s",`
			`"--sources",`
			`dest="source_strings",`
			`action="append",`
			`help="Sources to operate on.",`
			`)`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`def sync(source_strings):`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00			`sources = validate_sources(source_strings)`
			`for source in sources:`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00			`status = FAILURE_METRIC_STATUS`

Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`start_time = time.time()`
			`print("[+] Staring to sync source: {label}!\n".format(label=source.label))`

Black lint all the things 2019-05-16 16:57:02 +02:00			`user = user_service.get_by_username("lemur")`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00
			`try:`
Endpoint sync fixes (#604) 2016-12-15 19:26:59 +01:00			`data = source_service.sync(source, user)`
			`print(`
			`"[+] Certificates: New: {new} Updated: {updated}".format(`
Black lint all the things 2019-05-16 16:57:02 +02:00			`new=data["certificates"][0], updated=data["certificates"][1]`
Endpoint sync fixes (#604) 2016-12-15 19:26:59 +01:00			`)`
			`)`
			`print(`
			`"[+] Endpoints: New: {new} Updated: {updated}".format(`
Black lint all the things 2019-05-16 16:57:02 +02:00			`new=data["endpoints"][0], updated=data["endpoints"][1]`
Endpoint sync fixes (#604) 2016-12-15 19:26:59 +01:00			`)`
			`)`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`print(`
			`"[+] Finished syncing source: {label}. Run Time: {time}".format(`
Black lint all the things 2019-05-16 16:57:02 +02:00			`label=source.label, time=(time.time() - start_time)`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`)`
			`)`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00			`status = SUCCESS_METRIC_STATUS`

Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`except Exception as e:`
			`current_app.logger.exception(e)`

Black lint all the things 2019-05-16 16:57:02 +02:00			`print("[X] Failed syncing source {label}!\n".format(label=source.label))`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00
Adding additional failure conditions to sentry tracking. (#853) * Adding additional failure conditions to sentry tracking. * Removing sentry extension as a circular import. 2017-07-13 23:49:04 +02:00			`sentry.captureException()`
Black lint all the things 2019-05-16 16:57:02 +02:00			`metrics.send(`
			`"source_sync_fail",`
			`"counter",`
			`1,`
			`metric_tags={"source": source.label, "status": status},`
			`)`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00
Black lint all the things 2019-05-16 16:57:02 +02:00			`metrics.send(`
			`"source_sync",`
			`"counter",`
			`1,`
			`metric_tags={"source": source.label, "status": status},`
			`)`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00
Black lint all the things 2019-05-16 16:57:02 +02:00			`@manager.option(`
			`"-s",`
			`"--sources",`
			`dest="source_strings",`
			`action="append",`
			`help="Sources to operate on.",`
			`)`
			`@manager.option(`
			`"-c",`
			`"--commit",`
			`dest="commit",`
			`action="store_true",`
			`default=False,`
			`help="Persist changes.",`
			`)`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00			`def clean(source_strings, commit):`
			`sources = validate_sources(source_strings)`
			`for source in sources:`
			`s = plugins.get(source.plugin_name)`

Black lint all the things 2019-05-16 16:57:02 +02:00			`if not hasattr(s, "clean"):`
			`print(`
			`"Cannot clean source: {0}, source plugin does not implement 'clean()'".format(`
			`source.label`
			`)`
			`)`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00			`continue`

Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`start_time = time.time()`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`print("[+] Staring to clean source: {label}!\n".format(label=source.label))`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00
			`cleaned = 0`
			`for certificate in certificate_service.get_all_pending_cleaning(source):`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00			`status = FAILURE_METRIC_STATUS`
			`if commit:`
			`try:`
			`s.clean(certificate, source.options)`
			`certificate.sources.remove(source)`
			`certificate_service.database.update(certificate)`
			`status = SUCCESS_METRIC_STATUS`
			`except Exception as e:`
			`current_app.logger.exception(e)`
			`sentry.captureException()`

Black lint all the things 2019-05-16 16:57:02 +02:00			`metrics.send(`
			`"clean",`
			`"counter",`
			`1,`
			`metric_tags={"source": source.label, "status": status},`
			`)`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00
Black lint all the things 2019-05-16 16:57:02 +02:00			`current_app.logger.warning(`
			`"Removed {0} from source {1} during cleaning".format(`
			`certificate.name, source.label`
			`)`
			`)`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00
			`cleaned += 1`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`print(`
Clean refactor (#635) * Adding rotation to the UI. * Removing spinkit dependency. * refactoring source cleaning 2016-12-27 19:31:33 +01:00			`"[+] Finished cleaning source: {label}. Removed {cleaned} certificates from source. Run Time: {time}\n".format(`
Black lint all the things 2019-05-16 16:57:02 +02:00			`label=source.label, time=(time.time() - start_time), cleaned=cleaned`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`)`
			`)`